The attack takes advantage of a recently fixed Flash bug (CVE-2012-0754). The vulnerability was repaired, along with six others, last month when Adobe released Flash Player 11.1.102.62 for Windows, Macintosh, Linux and Solaris.

Just seven of 42 of the most popular anti-virus products on Saturday had detected the malicious file, according to a VirusTotal review commissioned by Contagio.

Reached by email, Parkour said "someone donated the sample and sounds like a lot of them are already in circulation." An Adobe spokeswoman said the company didn't have any information about the extent of the threat.

Adobe also released another Flash update (11.1.102.63) to address two critical vulnerabilities. The flaws garnered "Priority 2" status under Adobe's newly launched ratings system. Priority 2 means there are no known exploits for any of the bugs being fixed, nor are attacks imminent.